google-site-verification: googlee9447d3b266da5de.html

NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity


Weekly Threat Report - 22nd May 2020

Older versions of the QTS operating system vulnerable

Users of the QTS operating system have been urged to ensure it is updated to the latest version.

A bug bounty report has found that QNAP NAS devices running older versions of the QTS operating system may be attacked through a number of vulnerabilities which, when chained together, would allow an attacker to gain remote access. The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. In this case the most important aspect is to install the latest version of the QTS operating system.

It is good practice to always install and use the latest software version and update it regularly because these contain vital security fixes.

Further details of the vulnerabilities can be found in the report.


Advice issued following EasyJet cyber incident

Earlier this week, EasyJet revealed that it had suffered a cyber attack and was in the process of contacting affected customers.

In a statement, the company said that the email address and travel details of approximately 9 million customers were accessed. Credit card details of 2,208 customers were also accessed.

Compromised personal details can be used by hackers to create convincingly personalised scam emails, which can be hard to spot. EasyJet customers are encouraged to report any suspicious emails to the NCSC, using the Suspicious Email Reporting Service (SERS). We’d also recommend customers change the password to their EasyJet account – and if this password has been used anywhere else, change it there too. Setting a password that’s made up of three random words will make it stronger. Switching on two-factor authentication (2FA), where possible, will also help to secure your important accounts.

We've published advice to EasyJet customers. Anyone who thinks they have been a victim of online crime can report a cyber incident using Action Fraud’s online fraud reporting tool anytime of the day or night, or call 0300 123 2040. For further information visit www.actionfraud.police.uk.


Topics Cyber threat

Personal data

PhishingDevices

Cyber attack


National Cyber Security Centre Weekly Threat Reports

ASKET Cyber Security Resources


16 views
ASKET Social Media
  • Grey LinkedIn Icon
  • Grey Twitter Icon
  • Grey Facebook Icon

SOCIAL MEDIA

ASKET Contact

CONTACT

UK Tel: +44 7827 012195

UAE Tel: +971 5283 33164

Email: broker@asket.co.uk

ASKET Address

ADDRESS

ASKET Ltd​

86-90 Paul Street​

London​

EC2A 4NE

Company NO: 08763474